['Manage GRC Program', 'Strategy Development', 'Incident Response and Crisis Management', '3rd party Risk assessment reports', 'Current Security Posture Evaluation', 'Define GRC Program', '3rd party Risk Management', 'Testing strategy and evaluation criteria', 'GRC Program roadmap', 'Information Security Budgeting and Procurement Management', 'Compliance Management', 'Compliance and Regulatory Alignment', 'Security Awareness Program Implementation', 'Team management', 'Recruitment', 'Policy and Procedures Review & Development', 'Risk assessment reports', 'Direction and leadership', 'Training material']